Foundations Team Updates - Thursday 20 Jul 2023

Previous week’s status can be found at

1 Like

grub 2.12~rc1-1

Rebased Debian’s grub to 2.12 and released 2.12~rc1-1 to experimental.

In the process have rewritten the secure boot approach using @xypron’s peimage.c (since reformated and refactored into three external functions [well a struct with pointers]) to provide a minimal shim for the image-related calls of the EFI Boot Services, until shim itself provides that interface. I have added a grub.peimage sbat component such that if there are security issues related to that approach, we can revoke it without revoking anything else.

This should also introduce support for zboot kernel images, and includes the fdt command that @xnox asked for.

The next steps are to fix bugs in experimental, reorder the patches a bit such that Debian-only patches come last, push more networking fixes there, and then rebase the Ubuntu patch set against the common patch set.

grub upstream

  • Sent a patch to fix secure boot fallback when mokutil --disable-validation is used.
  • Reported tests now hard erroring when not run as root breaking distro builds
  • Reported missing iso9660 test files


Travel booking for external conference.

Thursday Patch pilot morning, off afternoon, hence not in the meeting

1 Like
  • subiquity
    • PR: 1721 - fix some integration test noise
    • PR: 1722 - start the CONTRIBUTING doc
    • PR: 1729 - fix unintended extra padding to min install size, for ubuntu-desktop-installer bug #2252. Spent some time thinking as well about the general reported install minimum size. Discussing tweaking the coefficients.
    • PR: 1730 - fix action ordering - zpool and zfs objects need to be treated like mount objects, and order accordingly
    • PR: 1731 - fix autoinstall docs for zfs, and fix zfs export failure at end of install
    • vm test and merge community PR: 1536, thanks @itjamie !
    • fixup and merge existing PR: 1698 / PR: 1699, which stop a swap file from being generated for zfs and add the needed API hook for guided ZFS
    • Start work on guided install being able to do a swap partition
  • ubiquity
    • LP: #2027857 - investigate small bpool w/ Ubiuqity, this bug already fixed, but a comment needed a fix in zsys-setup. Comment fix merged to ubiquity.
  • LP: #2027826 - investigate cpc not seeding lxd. bisected livecd-rootfs to 2.837 as the cause of lxd not being seeded, but just reverting that is worse. Discussing with cpc.
  • python-lockfile vs setuptools - upload fix, @zhsj noted that the fix done for python-tinyrpc by @vorlon was the same fix for several other packages
  • Finished +1, see report
  • greenhouse
1 Like

This week I am primarily focusing on Rust toolchain updates.



  • Attended a local Chinese open-source conference during the weekend with a report to follow
1 Like


  • Created a Launchpad team, autopkgtest-requestors, that will have the ability to request autopkgtests be run which fixes bug 2022958 . Added the Canonical Foundations team to autopkgtest-requestors rather than just special casing them.
  • Sent an email about the above to the Ubuntu Developer mailing list which resulted in inviting canonical-security, canoical-server, and canonical-partner-eng to the team.
  • Submitted an MP for autopkgtest-cloud replacing Canonical Foundations in ALLOWED_TEAMS with autopkgtest-requestors, additionally made the same change in production.
  • Submitted an RT regarding errors creating new amd64 instances in lcy02 of PS5. This is the cause of the slowly consumed amd64 autopkgtest queue.
  • Restored the ability for amd64 and i386 tests to be run in lgw01 due to the issues with lcy02.
  • Added a bunch of packages back to big_packages for amd64 given the tests might be run in lgw01 and the default flavor there only has 1.5 GB of RAM.
  • Reviewed and merged @andersson123’s MP copying neutral test results forward when opening a new release. Additionally, ran some database que
    ries to see how many neutral tests were not copied during the mantic opening.
  • Reviewed an MP from @andersson123 which will prevent requesting tests which are already queued.
  • Reviewed an MP from @andersson123 which modifies the autopkgtest-cloud worker to only run tests for ESM releases on supported architectures.
  • Further testing of proxy server rules in bos01 and bos02 for the fwupd network tests see bug 2021908 for the full story.
  • Worked on provisioning the staging proposed migration environment in PS5.


  • Pulse planning.
  • Administrative work.
1 Like


  • Worked on updating the dotnet8 package to preview6 released last week
    • PPA / needs-packaging LP bug
    • Included two new targeting packs to packages
    • Cleaned up lintian
    • Working on different versioning for SDK and Runtime packages
1 Like


  • Start investigating FTBFS packages with golang-1.21. (currently 79 packages in total)
  • Update golang-1.21 to 1.21rc3 in Debian and snap.


  • setuptools proposed-migration.
    I’m assigned a duplicated task (python-lockfile vs setuptools) with @dbungert :man_facepalming: .
    Find several python packages have same failure pattern. Looks like they will be fixed in Debian soon (need a NEW package which has been accepted).
1 Like




  • Take-home test reviews
  • Candidate interviews
1 Like


  • First package upload sponsored
  • Continued work on trimming down the technical debt - a backlog of build-time test failures (most of them seen in the CI) seen in the current cycle. Latest MR created this week.


  • Worked on plugging in some basic sanity tests as autopkgtests for the openjdk-fips package. Needs review.


  • Java ecosystem meetings: Adoptium, Oracle (OCTLA)
  • Completed the mandatory HR trainings
  • More Latvian visa doc work
1 Like

short week (bank holiday last Friday)


  • opened a merge proposal against casper to tweak the logs persistence when booting from a recovery partition. Got rejected for the lack of a good use case for it.
  • been discussing with the OEM team to get a working (and lasting) setup to test OEM installs on certified hardware. Got to a point where I could briefly boot an installer image but the setup seems broken ATM.
  • been investigating possible solutions to make the call to /source optional in various installation scenarios


  • dnstwist vs pillow. Submitted a dnstwist patch to replace use of undefined property dropped from pillow 10. In the meantime, Debian released a new version (new upstream) and applied a similar patch. New version has been autosynced and migrated after a retry (some flakiness with chromium-driver / selenium).
  • dbus: opened LP: #2027991 and an associated MP. Thanks @bryce for reviewing! Dropped some pieces of our delta and still investigating if other patches are still needed. Hit an issue where the debian/sid branch got updated in git-ubuntu causing conflicts. Opened a discussion in #ubuntu-devel
1 Like


  • Review ubuntu patches for GRUB 2.12


  • Test U-Boot 2023.07+dfsg-1ubuntu1 as being prepared by @waveform
  • Provide patches to resolve a U-Boot bug when multiple USB sticks are attached to different USB root hubs


  • rework debdiff for LP #2025363

Silicon vendor collaboration

  • Work on concept


  • review written interviews
  • interview candidate
1 Like


  • Investigated migration excuses from netcat-openbsd and sudo


  • Analyzing and fixing issues found in the C code by Coverity. Tracking here PR#383
  • Addressed code review comments in my netplan state PR and added support for iterating over IP addresses found in the netdef PR#379
  • Investigated and fixed some issues in the C code and increased the warning level in meson PR#380
  • Code reviews PR#384 PR#381
1 Like

I’m technically on +1 this week, but there were quite a few time-consuming interruptions that slowed down my rate of work to a crawl.


  • Quite a few build/autopkgtest retriggers on recent Rust crates
  • weechat-matrix vs python-matrix-nio: matrix-nio changed the way they handle logging. I actually had to write an upstream patch for that!
  • nbconvert vs nbclient: nbclient changed slightly the way it displays exceptions, breaking nbconvert’s test case in the process. Cherry-picked the upstream fix in a Salsa MR, I’ll ask the Python team for a team upload if it isn’t picked up by Monday.
  • rust-criterion(-0.3): Currently trying to figure out the correct trigger combination to get those to migrate


  • Reviewed & sponsored 1.68.2
  • Reviewed 1.69
  • Finally wrote practical documentation for Rust code in main


  • The memcpy SVE patches that were the focal point of the Focal and Jammy SRUs turn out to regress due to some kernel issue!


  • Meet&Greet interview
  • Travel planning
  • armhf work planning
  • glibc test rebuild coordination
  • a few apport reviews
  • Looked into setuptools vs python-daemon, should sort itself out in Debian.
1 Like


  • initramfs-tools:
  • network-manager: Upload 1.42.6-2ubuntu2 to remove isc-dhcp-client from Depends
  • python-click: Released 8.1.6-1 to unstable to fix FTBFS after new pytest (Closes: #1040473)

armhf time_t


dhclient replacement

Filed upstream/Debian bugs for the replacement:

1 Like


  • SRU team shift on Friday


  • Reviewing schema addition for wireguard private-key-flags option


  • fixed tinyrpc autopkgtest for new setuptools
  • Patch Pilot rotation
  • Posted an updated
    debian-devel about the time_t analysis
  • Discussions around automated image testing for new Ubuntu 23.10 desktop
1 Like
  • After discussion, switching hardware access from groups to udev rules (LP: #1923363)
    • Opened PR for cloud-init
    • Working on udev rule replacements; libcamera relatively simple, GPIO/I2C/SPI simple, UARTs proving a bit harder
  • Investigated further failures of first-time setup on the Ubuntu Pi desktop images (LP: #2025068) (DNS issue potentially fixed by edge ubuntu-image; awaiting further tests)
  • Sent proposed migration fixes for pyethash upstream to Debian (LP: #2028277)
  • Worked on u-boot merge with help from @xypron (LP: #2027789)
  • Still writing second article on the state of the various desktop flavours on the Pi (sorry!)
  • Take home tests
  • Pi meetings
1 Like


  • discussed EoL Strategy with Security, Microsoft & others
  • not released yet:
    • wrote user facing documentation for EoL Strategy
    • update build instructions
    • fixed and tested LP: #2027620DOTNET_ROOT is unnecessarily set
  • working on new version format for dotnet packages
  • attended weekly .NET Source-Build Partner Sync Meeting


  • code review in ubuntu-mir, ubuntu-maintainers-handbook, ubuntu-packaging-guide
  • ubuntu-packaging-guide meeting & learning about doc-testing
  • reported LP: #2028031 – reviewer is assigned twice to merge proposal
1 Like

Shorter week due to a bank holiday


  • Bug analysis and cleanup for libgcrypt20 and openssl
  • Started building the list of bugs that I want to address in an openssl SRU starting in September
  • Getting further on testsuite for crypto-configuration and adding real-life setups (nginx at the moment), working on finalizing the specification
1 Like



  • opened MP for upgrade to 2.1.6


  • submitted patch to Debian fixing missing dependencies.

proposed migration pillow. vs. droidserver:

1 Like